WFMU's Beware of the Blog

It's been one month since details of Sony's invasive Digital Rights Management rootkit malware came to light.  (See my earlier articles: Nov. 1, Nov. 3, and Nov. 7.)

About 9,777 blogs now mention "Sony rootkit", while a web search for Sony rootkit malware yields 13 million results.  Here's a messy update on this mess:

Sony hired First 4 Internet (one of whose corporate directors spent 12 years as a Sony director) to build the intrusive digital restrictions management software "XCP", which has been quietly installing itself on about half a million computers over the past year, including military and government sites.  Many more Sony CD's install spyware DRM called "MediaMax", made by another Sony-related company, SunnComm.

Some of the bad things the XCP and MediaMax DRM malware do:

• Modifies your OS to hide and embed itself (and helps other malware hide itself).  It masquerades as a real Windows service, to make it harder to notice that something bad is running.
• Interferes with your computer's ability to read the audio on that CD, not letting you use your own audio player.
• Silently interferes with any CD-ripping software you might use, even with non-Sony CD's, adding random noise to your copies.
• Secretly "phones home" to send information about you and your listening habits back to Sony (although Sony originally denied this).
• Runs all the time and slows your computer down.
• Can crash your computer, while being difficult to diagnose and repair due to its self-hiding methods.
• Using advanced tools to try to uninstall the software can render your computer's CD drives completely useless.

Some bad things Sony (and friends) appear to have done:

• Snuck the XCP software onto people's computers, providing nothing but a legal jargon license that never actually explained what the software would do, while claiming it could be uninstalled without providing an uninstall mechanism.
• The MediaMax software may install even if the user clicks "Decline."

Decency Drool on the Hill
A recent Senate forum on indecency and broadcasting unearthed a wealth of old ideas and opinions from the usual suspects: FCC Chairman Kevin Martin, outraged christians from the PTC, uptight Senator Ted Stevens, and a few TV networks. As predicted, Martin wants to drag cable and satellite TV into the FCC's domain (they already have a bit, as a recent ruling by the commission requires cable and satellite programmers to comply with the nation's Emergency Alert System, EAS), forcing them to offer a-la-carte programming in the name of protecting families (bad news if you're anything like this guy). The pressure is now on for the FCC to levy indecency fines to TV stations with pending complaints before the end of 2005. Indecency fines for radio stations under investigation for infringements, meanwhile, aren't expected to surface until next year.

CPB Shake-Up
Kenneth Tomlinson, the republican former Chairman of the Corporation for Public Broadcasting (CPB), resigned from the board this November, in light of an investigation that found him responsible for misappropriating CPB funds, violating the organization's ethics code, and breaking federal laws. Earlier this year, Tomlinson secretly hired a "consultant" to uncover evidence of liberal bias in PBS programs, leading to the ousting of veteran host Bill Moyers and the creation of a right-bent news program (more on the debacle here). The republican plan to force a partisan agenda in the venue of public broadcasting has been put at bay, at least for now.

Warner Music Group Fesses Up to Payola Accusations
Another Eliot Spitzer-led payola investigation ends with a multi-million dollar settlement...

Meanwhile, Up North
A malicious radio signal disrupted the band at 390 MHz in Ottowa, Canada earlier this month, disabling remote control garage door openers in a 25-mile radius. Some residents are blaming the U.S. military's new Land Mobile Radio System for the interference, but we suspect that the extraterrestrials have now found our most vulnerable weakness and could launch into a full-fledged attack at any moment.

Energy Drink Disguised as Poison... wait, Poison Disguised as Energy Drink
In Missouri, the gatorade/antifreeze myth finally comes to fruition: a wily radio host was charged with slowly poisoning his wife to death by adding antifreeze to her gatorade.

Lawsuits, incompetence, and denial: Some news in the case of Sony's music CD's installing nasty hidden software on people's computers. (Prior articles: Sony CD's caught... & Sony releases PR "patch"...)

Declan McCullagh writes in CNET about a class action lawsuit being prepared against Sony, and the possible reverse lawsuit that could occur from Sony against those who dare to remove the malware from their own machines:

Now the lawyers are taking aim, too. Robert Green, a partner at the San Francisco firm of Green Welling, says he's readying a class action lawsuit against Sony.
[...] In a bizarre twist, though, it's not only Sony that could be facing a legal migraine. So could anyone who tries to rid their computer of Sony's hidden anticopying program. That's because of Section 1201 of the Digital Millennium Copyright Act, which bans the "circumvention" of anticopying technology.

An Italian group (ALCEI: Electronic Frontiers Italy, which is the "Association for the Freedom in the Interactive Communication Electronic" using a bad translating program) is pursuing a suit against Sony. (Here's the suit announcement, badly translated from Italian.)

Mark Russinovich of Sysinternals receives a response from First 4 Internet, author of Sony's DRM malware, denying all wrongdoing.  Russinovich refutes all their denials:

[...] Their claim that the communication is "one way" from Sony's web site is false, however, since Sony can make a record of each time their player is used to play a CD, which CD is played, and what computer is playing the CD.
[...] Sony's patch is dangerous because the way that it removes the cloak could crash Windows.
[...] Besides demonstrating the ineptitude of the First 4 Internet programmers, this flaw highlights my message that rootkits create reliability risks in addition to security risks.
[...] The comment does not explain why Sony won't simply make the uninstaller available as a freely accessible download like they do the patch, nor why users have to submit two requests for the uninstaller and then wait for further instructions to be emailed (I still have not received the uninstaller). The only motivation I can see for this is that Sony hopes you'll give up somewhere in the process and leave their DRM software on your system.
[...] Instead of admitting fault for installing a rootkit and installing it without proper disclosure, both Sony and First 4 Internet claim innocence. By not coming clean they are making clear to any potential customers that they are not only technically incompetent, but also dishonest.

UPDATE: Sony's Deteriorating DRM Mess: One Month Later (Dec. 1, 2005)

After a flurry of thousands of blog postings (those pesky bloggers!) exposing the nasty malware Sony CD's had been hiding on people's computers (here's my original discussion of the situation), Sony has, predictably, made an (empty) Public Relations move.

Sony has released a "patch" which the mainstream media is covering with misleading headlines like "Sony Music issues fix to anti-piracy program." But all this "patch" does is make some of the internal files associated with their nasty program appear less hidden.  It doesn't do a thing to address the majority of the problems with the malware.  It doesn't remove the sneaky DRM.  And, rumor has it that this patch will reinfect a machine that was previously cleansed of the malware.  (Read Sony's spin here)

Here's the original list of issues from my previous article:

• 1. The hidden software is poorly written, and hogs computer resources at all times, even when CD's aren't being played.
• 2. Its hiding techniques could inadvertently make it easy for others to hide software on the machine.
• 3. It takes actions that could result in a system crash.
• 4. It disguises itself as a legitimate Windows service.
• 5. It doesn't provide a way to remove the software.
• 6. Upon manual removal of the software, the CD drive can be rendered useless.

The new Sony patch only addresses issue #2.  It totally ignores the rest of them, and of course ignores the broader issue that Digital Rights Management is bad for everyone.  If the movie- and music-industry owned politicians have their way, "forget, realistically, that your computer will ever be under your control again."

Here's a longer article on this subject: Sony DRM is worse than you might think.

By the way, Universal Music uses the same DRM malware.  UPDATE 11/29/05: Since First 4 Internet has removed all their pages that admit to this, read the excerpts on Google's search results page instead.

My previous article for more background on this subject: Sony CD's caught installing extremely well-hidden and sketchy DRM software

UPDATE: Lawsuits against Sony for sneaky DRM, and refuted denials from malware author (Nov. 7, 2005)
UPDATE: Sony's Deteriorating DRM Mess: One Month Later (Dec. 1, 2005)

Yesterday, Windows innards guru Mark Russinovich of Sysinternals wrote of his disturbing discovery regarding one of those newfangled "copy-protected CD's."

(These are music CD's that self-install software on your computer, and then prevent you from doing some of the things you might want to do -- like copy a song for a mix CD.  Some artists have spoken out against this freedom-reducing scheme that has been used on their CD's without their consent -- although major record labels working against the interests of artists is nothing new.)

Russinovich discovered that this CD had installed its software in an extremely well hidden way, via something called a "rootkit," which basically interferes with the operating system kernal so that it becomes extremely difficult to detect its presence, or to remove it.

His findings included:

• This hidden software appeared to be poorly written, and was hogging up some of his computer's resources at all times, even when he wasn't playing the CD.
• Its hiding techniques would also have inadvertently made it easy for others to hide software on his machine.
• It took actions that could have resulted in a system crash.
• It tried to disguise itself as a legitimate Windows service.
• It didn't provide a way to remove the software.
• Upon his own manual removal of the software, his CD drive was rendered useless.

These are exactly the techniques commonly used by the most insidious malware (viruses, worms, spyware, etc.), the ones that are so difficult to remove from Windows machines.

And he found that this software had been installed by the CD he'd gotten from Sony.

The End User License Agreement (EULA) from Sony went into none of these details, merely saying that "a small proprietary software program" would be installed on his machine.  The EULA actually mentioned removal of the software, even though there was no means provided to remove what he had found.

This is a big deal, and one might expect a lawsuit (class action?) to evolve out of this (putting aside the "Waiver of Trial by Jury" clause in the EULA).

Here's Russinovich's article: "Sony, Rootkits and Digital Rights Management Gone Too Far" (which is quite thorough and very technical).

The wise and careful (who of course already avoid DRM, by not buying protected CD's, or protected audio from the iTunes Store) who scan their machines for malware (with free tools such as Spybot-Search & Destroy and Ad-Aware) might consider adding the free Sysinternals RootkitRevealer tool to their arsenal.

Here's Cory Doctorow of EFF on Why DRM is bad everyone (and here's another critique of his).

Finally, Richard Stallman of The Free Software Foundation: Can You Trust Your Computer?

UPDATE: Sony releases PR "patch" for its DRM malware that doesn't address the problems (Nov. 3, 2005)
UPDATE: Lawsuits against Sony for sneaky DRM, and refuted denials from malware author (Nov. 7, 2005)
UPDATE: Sony's Deteriorating DRM Mess: One Month Later (Dec. 1, 2005)

"You can't stop bloggers from launching an allout attack on you or your business if that's what they decide to do--but you can defend yourself."  OK, that's what online business mag Forbes.com says here.

Tips include (paraphrased):

• Hire a watchdog company to spot smears to your company's good name and "stamp them out"
• Bribe other bloggers to build your own propaganda army out of commoners
• Play dirty: "Dig up dirt on your assailant and feed it to sympathetic bloggers"
• Threaten to sue the ISP under the DMCA. (After all, you're a corporation!  You've got a nice juicy law like that written just for you.  Use it!)
• Heck, sue the blogger.  Who's going to fare worse being dragged through years of court hassles and expenses: An abstract entity with a ton of money (that's you), or a real human being?

Corporation as psychopath, anyone?

I apologize for reminding everyone about the horrific election we had here in the states last year, but you may recall that roughly a year ago the people at JibJab made a hoakey video about President Bush and John Kerry set to the tune of "This Land is Your Land" by Woody Guthrie. As you also may recall, Ludlow Music, who owned the copyright for the song, filed a ridiculous lawsuit against JibJab for not obtaining proper permission to use the music. JibJab ended up hiring the wonderful people at the EFF to help defend their right to fair use and argued in their pleading that:

"(Ludlow Music's threats) have jeopardized (JibJab's) First Amendment-protected right to free speech and its right to disseminate that speech via its Internet hosting facilities. (JibJab) therefore seeks a judgment that its artistic expression is protected by the First Amendment and copyright's fair use doctrine, before that expression is silenced by (Ludlow's) threats."

Inexplicably, as noted by the people at the Berkeley Intellectual Property Weblog, it appears that the Jib Jab people have now turned around and sent a cease and desist letter to The Black Lantern for using 9 non-contiguous seconds of the "This Land" video in his mashup of the Legendary KO's "George Bush doesn’t like Black People". To make matters even more surreal, JibJab's lawyers in the case  (Goldring, Hertz, Lichtenstein & Haft) like to collect "Bill of Rights" awards from the ACLU in their spare time (clearly these awards only honor amendments 2 through 10).

And Dischord Records isn't happy about it. via pitchfork
UPDATE: Nike's skateboarding division issued this apology.

The RIAA, in conjunction with the New York Police Department (Or vice versa, depending on who you believe) raided Mondo Kims yesterday, arresting five store employees and charging them with trademark counterfeiting. The police seized 470 CDs, 53 videos and 27 DVDs. They also seized DVD and CD burning equipment. Most of the seized goods were described as "urban in nature," meaning that the seized CDRs were mostly hip-hop CDR mixes. Article from the NY Times here (may require password) and from MTV here.

Looking at Carrie McLaren's Stay Free Daily blog today I was reading about artist Howard Hallis, who was slapped with a takedown order from Chick Tracts for his parody of one of their comics. What really blew our minds was his ungodly detailed Picture of Everything, which literally IS. I mean, it makes the Sgt. Pepper's cover look like a work of minimalism. Click on sections to see upclose details of individual corners of the universe, and positioning your browser over a topic gets a pop-up TAG of what it is (see the Current 93 band logo in one closeup depicted here). We spent the entire afternoon marvelling at the array of stuff: band symbols, every comic character under the sun, every spaceship that's ever been on TV or in the movies (including the bone-shaped one from Spaceballs), and just everything other absurd image you can think of ("my mother next to Christo's Umbrellas"). And then you can go underwater in the pic and a whole new universe opens! Jump in, spend an hour. Or a week.

Cornell University recently hosted a spectacular debate surrounding the issues of copyright and filesharing, with a cast and crew of intellectual property superstars on both sides of the fence: heavyweights from academia, RIAA, MPAA, Napster, EFF (Electronic Frontier Foundation), and NBC/Universal hashed it out for over 3 hrs.

Streaming video (Real Player) available here (via Cornell University).

Or, check out this page for downloadable MP3 torrents of the debate, along with some links to articles pertinent to the digital copyright controversy.

I authored an earlier post about how copyright law is being interpreted in the case of sampling and mash-ups. Is reform on the way? Sampling, mashups, and other methods of audio artistry have caused many in the music world to question whether or not we need to update the 1976 Copyright Act to ease the burden that is laid upon the shoulders of sound collage artists.

Organizations like Creative Commons are leading the movement to redefine the licensing of works to both clarify (and many times encourage) the conditions under which the work may be used by others. This system, which functions under current copyright law, allows an artist to both maintain certain rights associated with their work, yet also offer it up for use by other artists to sample or remix.

An interesting twist to the ever-growing copyright saga: one enterprising man has obtained the North American rights to many Cantonese pop songs and videos and is busting karaoke bars that use bootlegged versions. Labels including EEG, Universal, Warner, Go East, EMI, and BMG have signed agreements with Nicolas Chai and his royalty collection company Entral.

About 300 karaoke bars across the U.S. are being investigated for using bootleg karaoke videos, and will have to pay $20,000-$30,000 (!) per year in royalties to Entral. Bars refusing to pay are being sued, and their karaoke equipment seized by local authorities.

Read the whole story here.

Here's a link to a ten minute long trailer for a forthcoming documentary on sampling and copyright. The doc will be called Copyright Criminals and it's by Kembrew Mcleod and Benjamin Franzen. The trailer contains clips from copright / sampling superstars Lawrence Lessig, Pete Rock, Matmos, DJ Qbert, Negativland and even our own Vicki Bennett. Link to Quicktime movie.

Will the FCC manage, once again, to dictate how TVs are made? A group called Public Knowledge is challenging a new FCC regulation meant to prevent the sharing of TV programs over the internet. The hearings begin in the U.S. Court of Appeals tomorrow.

If the courts side with the FCC, the new rule would require the addition of a “no-no” flag to all digital TVs (and all other consumer electronics that are able to receive these digital signals over the air) made after July 1. This flag would prevent any content from being distributed to non-“no-no” flag compliant devices.

Of course, this won’t prevent the 95% of us who do not own digital TVs from pirating away.

Link to Wired News article.

UPDATE: A law student blogger attended the hearing today (2/22/05) in D.C., and you can read his notes here. According to CNET, 2 out of 3 judges thought the FCC jumped the gun, as they had no approval from congress to implement this change.

Sony has issued a cease and desist letter (pdf file) to Beatallica's Internet Service Provider to prevent the further dissemination of songs like this. (mp3)

Quello è porco molto!

An Italian DJ was fined 1.4 million big ones for dragging a laptop full of MP3s down to a club.

via FMBQ.

I'm not sure that Andy Breckman would've cast Ted Levine as Captain Stottlemeyer on his little TV show Monk if he had seen his earlier music video work. (The Greenskeepers streaming video clip "Lotion") Not Safe for work: music or video.

To celebrate the long-awaited arrival of our cheap bandwidth, and to test the limits of our servers as well as my own common sense, I'm making this great hour-long celebration of sampling, mashups and general sonic tomfoolery available for 36 hours or so. It's called Raiding the 20th Century - Words and Music Expansion featuring Paul Morley, and it's by Strictly Kev, although DJ Food also figures in here somewhere also.

I played a few excerpts of this on my show last Wednesday, but frankly, my attention span has suffered irreversible damage from years of living in New Jersey, so I didnt play anywhere near the whole thing and probably wouldn't until next summer, when Re:Mixology will hopefully come back on our schedule.

So download this sucker while it's available, if you got yourself one of them new-fangled broadband connections. It's over 70mb tall, so be patient. Big Momma MP3 Download.

UPDATE: Our server is handling this file just fine, so I'm going to leave it up after all.

As I was listening to Doug Schulkind’s show this morning, the song “Love and Understanding” (click to hear in Real Audio) by Sugar Minott struck a faint memory of some misfiled factiod in my brain... I seemed to recall that this artist, one of the most prominent figures in the Jamaican reggae and dancehall movement, was also one of the first to record new songs over old and established rhythm tracks. It turns out that the backing track for “Love and Understanding” is actually William De Vaughn’s “Be Thankful For What You’ve Got” (Real Audio link from WFMU's archives).

Fast-forwarding to the late 80’s/early 90’s hip-hop scene, the art of sampling pop songs exploded, with copyright and intellectual property law trailing behind closely. I came across an interview with Chuck D  and Hank Shocklee of Public Enemy, discussing how copyright law is affecting hip-hop (link to June 2004 article in Stay Free! Magazine).

Back in 1988 when the Public Enemy album “It Takes a Nation of Millions to Hold Us Back” was released, copyright issues were rarely considered, save for cases where the entire rhythm track of a pop song was looped and rapped over. But what about hip-hop songs that sampled bits and pieces from many different sources? Did the artists then have to purchase rights from each of these sources individually? You betcha. So a band like Public Enemy, who typically used to sample tens of other songs, were in a tough spot. Just listen to the instrumental track of P.E.’s “Bring the Noise” (Real Audio) from Charlie’s show a while back. And for good measure, here’s the a capella vocal track for “Bring the Noise.”

There are two different copyrights to pay for per sample:
1. Publishing, which is for the written music
2. Master recording, which is for the song as it is played on a specific recording

(i.e., Jacko owns the publishing copyrights for most Beatles songs, but EMI owns the master recording copyrights)

For hip-hop artists, the way around paying BOTH of these fees is to have their musicians imitate the original recording (thus avoiding having to pay the master recording copyright). This method was used by Dr. Dre (looking mighty gangsta in this photo). Listen to his song, “Deep Cover” here (Real Audio snagged from an archive of Nickel and Dime Radio), featuring Snoop Dog. The backing track of this song was originally derived from an unknown source (the rumor mill says it was from Underground Railroad, but don’t condsider that gospel), which was emulated by Dre’s studio musicians for his purposes.

Now consider mash-ups, the latest sampling craze that the kids have co-opted. For those not riding the metaphorical L train these days, mash-ups are created when a DJ superimposes layers of 2 or more different pop songs, rendering a strange, yet somehow apt, new interpretation. For example, in mash-up land:

The Beatles “White Album” + Jay-Z’s “Black Album” = Mash-up “Grey Album”

Sounds like it wouldn’t work, right? You will no doubt be amazed by how well-produced a lot of mash-ups are. Some WFMU favorites include Go Home Productions and the Kleptones (click to hear  Real Audio mashups from the WFMU archives).

How will copyright law affect these masher-uppers? Check out these articles: L.A. Times (via Sound Commons) and Alternet for more info.

Do the fun police approve of mash-ups? Read about the RIAA’s stance here. They may be sending a mixed message, though. This year’s Grammy Awards will feature a mash-up medley with the likes of RIAA-buddies Black Eyed Peas, Gwen Stefani, Eve, Los Lonely Boys, Maroon 5, and Franz Ferdinand. (Link to the story in the NY Daily News)